nnrpd with SSL - questions

JG jg at cms.ac
Mon Aug 4 15:33:11 UTC 2003


hi
i upgraded from 2.3.5 to 2.4.0  (new OS installation, but configs from 2.3.5) some days ago and ran into the same "permissions error" but not your second error.
i'm starting inn as news user with rc.news and then i use the same command as you did as root:
=> /usr/lib/news/bin/nnrpd -b xxx.xxx.xxx.xxx -D -p 563 -S

my nnrpd is not SUID:
 -r-xr-xr-x    1 news     news       871398 Jul 31 11:21 /usr/lib/news/bin/nnrpd

at first the permissions of the cert file were 640 which worked without problems with inn 2.3.5 but not with 2.4.0 (got the same error: "bad ownership or permissions on private key")
then i set the permissions to 0400 and user:group to news:news and it worked (tested with 2 different clients).
-r--------    1 news     news         2997 Jul 31 10:16 /usr/lib/news/lib/cert.pem


> Obviouslly if the "cert.pem" file owner UID is not the same
> like the nnrpd proccess real user UID or the "cert.pem" file
> permissions are not set "xx00" this error should be returned.
> Isn't this is controverse to what is written in the man page
> and done when "make cert" is issued?

it seems that the code for ssl changed in 2.4.0 (didn't check) and this is a bug in the Makefile. maybe some of the developers can help out with this.

*hth*

JG


-- Attached file included as plaintext by Ecartis --

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/LnzPU788cpz6t2kRAmlwAKCLZdIwQnmLl3g3CQQOR8j864O5SwCfTiyD
8letyVPGOnZraqOtp8OxKHQ=
=Vi+R
-----END PGP SIGNATURE-----




More information about the inn-workers mailing list